Lictor Scanning Policy

If you reached this page from a Lictor-Patrol User-Agent in your logs, this explains who we are and how to opt out instantly.
Lictor is an independent security-research project. We look for publicly exposed security problems: leaked credentials, exposed config files, and subdomain takeovers. Then we privately notify the owners so they can fix them before criminals find them. We are not attacking you; we are trying to help you, for free.

What we do

What we never do

How to identify us

Opt out instantly, no questions asked

Email abuse@lictor-ai.com with the domain(s) you want excluded. We add you to our permanent exclusion list and you will not be contacted or scanned again. If you are an ISP or hosting provider acting on behalf of customers, send the range or domain list and we will honor it the same way.

Abuse & contact

Security or abuse questions: abuse@lictor-ai.com. We respond to every message from a real person within one business day.

Lictor · independent security research · responsible disclosure only · security.txt